• PlexSheep@infosec.pub
      link
      fedilink
      arrow-up
      4
      ·
      4 months ago

      PRs? Isn’t the point of @nocommit that something does not get committed, and therefore no credentials are stored in the git repository? Even if the PR does not get merged, the file is still stored as a hit object and can be restored.

      • zqwzzle
        link
        fedilink
        English
        arrow-up
        2
        ·
        4 months ago

        I read the lint part and my brain forgot about everything else. You could stick the danger call in a pre commit hook though.